- Timestamp:
- Sep 20, 2011 11:06:44 AM (13 years ago)
- Branches:
- compt_changes, info-ops, master
- Children:
- 1e9331e
- Parents:
- 5954004
- File:
-
- 1 edited
-
fedd/fedd_create.py (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
fedd/fedd_create.py
r5954004 r65f6442 6 6 7 7 import ABAC 8 import Creddy 8 9 9 10 from string import join, ascii_letters … … 102 103 } 103 104 104 def delegate(fedid, cert, dir, name=None, debug=False, 105 creddy='/usr/local/bin/creddy'): 105 def delegate(fedid, cert, dir, name=None, debug=False): 106 106 ''' 107 107 Make the creddy call to create an attribute delegating rights to the new … … 127 127 id_fn = '%s/%s_id.pem' % (dir, expid) 128 128 129 cmd = [creddy, '--attribute', '--issuer=%s' % certfile,130 '--key=%s' % keyfile,131 '--role=acting_for', '--subject-id=%s' % expid,132 '--out=%s' % fn ]133 if not debug:134 if subprocess.call(cmd) != 0:135 print >>sys.stderr, "Cannot delegate, things may fail"136 return []137 else:138 print join(cmd)129 try: 130 cid = Creddy.ID(certfile) 131 cid.load_privkey(keyfile) 132 cattr = Creddy.Attribute(cid, 'acting_for', 3600 * 24 * 365 * 10) 133 cattr.principal("%s" % expid) 134 cattr.bake() 135 cattr.write_name(fn) 136 except RuntimeError: 137 print >>sys.stderr, "Cannot create ABAC delegation. " + \ 138 "Did you run cert_to_fedid.py on your X.509 cert?" 139 139 return [] 140 140 … … 142 142 if context.load_id_file(certfile) != ABAC.ABAC_CERT_SUCCESS or \ 143 143 context.load_attribute_file(fn) != ABAC.ABAC_CERT_SUCCESS: 144 print >>sys.stderr, "Cannot load delegation into ABAC . " + \144 print >>sys.stderr, "Cannot load delegation into ABAC context. " + \ 145 145 "Did you run cert_to_fedid.py on your X.509 cert?" 146 146 return []
Note: See TracChangeset
for help on using the changeset viewer.
